5440 matches found

SUSE Linux
•added 2025/03/28 1:55 p.m.•4 views

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed Jinja sandbox breakout through attr filter selecting format method bsc1238879 CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template bsc1234808 CVE-2024-56326: Fixed sandbox breako...

CVSS 8.1 | AI score 7.3 | EPSS 0.005 | Exploits 0 | References 12

SUSE Linux
•added 2025/03/26 12:12 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-2201: Fixed information leak in x86/BHI bsc1217339. CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers bsc1228483. CVE-2024-42098:...

CVSS 8.5 | AI score 8 | EPSS 0.08555 | Exploits 11 | References 1974

SUSE Linux
•added 2025/03/25 2:8 a.m.•4 views

Security update for freetype2

This update for freetype2 fixes the following issues: CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files bsc1239465. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

CVSS 9.2 | AI score 7.2 | EPSS 0.26049 | Exploits 1 | References 4

SUSE Linux
•added 2025/03/24 12:15 p.m.•4 views

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

CVSS 6.8 | AI score 7.3 | EPSS 0.00233 | Exploits 0 | References 10

SUSE Linux
•added 2025/03/24 9:51 a.m.•4 views

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 6.5 | AI score 7.4 | EPSS 0.00465 | Exploits 0 | References 4

SUSE Linux
•added 2025/03/19 6:34 p.m.•4 views

Security update for freetype2

This update for freetype2 fixes the following issues: CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files bsc1239465. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

CVSS 9.2 | AI score 7.4 | EPSS 0.26049 | Exploits 1 | References 4

SUSE Linux
•added 2025/03/11 3:28 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo bsc1225736. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088. CVE-2024-50142: xfrm: validate new...

CVSS 8.8 | AI score 7.6 | EPSS 0.03301 | Exploits 2 | References 396

SUSE Linux
•added 2025/03/06 2:5 p.m.•4 views

Security update for go1.24

This update for go1.24 fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs bsc1238572 Other fixes: Updated go version to go1.24.1 bsc1236217: go71986 go71984 bsc1238572 security: fix CVE-2025-22870 net/http,...

CVSS 4.8 | AI score 6.8 | EPSS 0.00384 | Exploits 2 | References 6

SUSE Linux
•added 2025/03/05 3:58 p.m.•4 views

Security update for pcp

This update for pcp fixes the following issues: CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. CVE-2024-3019: Fixed exposure of the redis backend server allowing...

CVSS 8.8 | AI score 8.1 | EPSS 0.01002 | Exploits 0 | References 22

SUSE Linux
•added 2025/03/04 8:28 a.m.•4 views

Security update for pam_u2f

This update for pam_u2f fixes the following issues: update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. update to 1.3.1: CVE-2025-23013: Fixed problematic PAM_IGNORE return values in...

CVSS 7.8 | AI score 7.2 | EPSS 0.00397 | Exploits 0 | References 4

SUSE Linux
•added 2025/03/03 1:41 p.m.•4 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250226T025151 2025-02-26T02:51:51Z. jscPED-11136 GO-2025-3487 CVE-2025-22869 GO-2025-3488 CVE-2025-22868 Update to version 0.0.20250218T203201 2025-02-18T20:32:01Z. jscPED-11136 GO-2024-3321 CVE-2024-45337...

CVSS 9.1 | AI score 6.7 | EPSS 0.03092 | Exploits 2 | References 2

SUSE Linux
•added 2025/02/28 4:30 p.m.•4 views

Security update for tiff

This update for tiff fixes the following issues: CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits in tiffcrop.c bsc1212607. CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt leading to denial of service bsc1219213. Other bugfixes: Fixed tiff build issue on...

CVSS 6.1 | AI score 7.5 | EPSS 0.02187 | Exploits 1 | References 10

SUSE Linux
•added 2025/02/28 10:9 a.m.•4 views

Security update for libX11

This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

CVSS 6.8 | AI score 8.1 | EPSS 0.00485 | Exploits 0 | References 4

SUSE Linux
•added 2025/02/26 1:46 p.m.•4 views

Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040 CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server bsc1237041 Other issues fixed: Fix ssh client segfault...

CVSS 8.2 | AI score 7.5 | EPSS 0.38474 | Exploits 5 | References 18

SUSE Linux
•added 2025/02/26 1:30 p.m.•4 views

Security update for vim

This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...

CVSS 4.6 | AI score 8 | EPSS 0.00492 | Exploits 1 | References 24

SUSE Linux
•added 2025/02/24 10:46 a.m.•4 views

Security update for java-1_8_0-ibm

This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write access to data through the Hotspot component API bsc1236278. Patch Instructions: To install this SU...

CVSS 6.3 | AI score 7.4 | EPSS 0.00971 | Exploits 0 | References 10

SUSE Linux
•added 2025/02/21 2:11 p.m.•4 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.17: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.8 | AI score 7.2 | EPSS 0.89472 | Exploits 10 | References 4

SUSE Linux
•added 2025/02/21 11:0 a.m.•4 views

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...

CVSS 8.1 | AI score 7.3 | EPSS 0.01956 | Exploits 0 | References 16

SUSE Linux
•added 2025/02/21 10:47 a.m.•4 views

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.20: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.8 | AI score 7.3 | EPSS 0.89472 | Exploits 10 | References 4

SUSE Linux
•added 2025/02/21 10:45 a.m.•4 views

Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.4: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.8 | AI score 7.2 | EPSS 0.89472 | Exploits 10 | References 4

SUSE Linux
•added 2025/02/21 10:41 a.m.•4 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.17: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.8 | AI score 7.3 | EPSS 0.89472 | Exploits 10 | References 4

SUSE Linux
•added 2025/02/21 10:40 a.m.•4 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.8 | AI score 8.2 | EPSS 0.89472 | Exploits 10 | References 4

SUSE Linux
•added 2025/02/20 9:42 p.m.•4 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

CVSS 8.9 | AI score 7.3 | EPSS 0.01373 | Exploits 1 | References 88

SUSE Linux
•added 2025/02/20 9:16 a.m.•4 views

Security update for helm

This update for helm fixes the following issues: Update to version 3.17.1: CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content bsc1235318. CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent authorization bypass in golang.org/x/crypt...

CVSS 8.2 | AI score 6.9 | EPSS 0.03092 | Exploits 2 | References 8

SUSE Linux
•added 2025/02/14 3:26 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction bsc1235969. CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc1235920...

CVSS 8.8 | AI score 7.8 | EPSS 0.03301 | Exploits 2 | References 396

SUSE Linux
•added 2025/02/14 7:19 a.m.•4 views

Security update for SUSE Manager Client Tools MU 5.0.3

This update fixes the following issues: spacecmd was updated to version 5.0.11-0: Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: Security issues fixed: CVE-2024-22037: Use podman secret to store the database credentials bsc1231497 Other changes and bugs...

CVSS 5.7 | AI score 7.6 | EPSS 0.00172 | Exploits 0 | References 30

SUSE Linux
•added 2025/02/11 10:40 a.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop...

CVSS 8.7 | AI score 8.4 | EPSS 0.03558 | Exploits 5 | References 1078

SUSE Linux
•added 2025/02/07 5:18 p.m.•4 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

CVSS 8.2 | AI score 6.3 | EPSS 0.00601 | Exploits 0 | References 4

SUSE Linux
•added 2025/02/06 2:44 p.m.•4 views

Security update for wget

This update for wget fixes the following issues: CVE-2021-31879: Authorization header disclosed upon redirects to different origins. bsc1185551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

CVSS 6.5 | AI score 7.3 | EPSS 0.01104 | Exploits 0 | References 6

SUSE Linux
•added 2025/02/04 12:59 p.m.•4 views

Security update for bind

This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load bsc1236597...

CVSS 8.7 | AI score 8 | EPSS 0.16182 | Exploits 0 | References 8

SUSE Linux
•added 2025/02/03 3:14 p.m.•4 views

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.14+7 January 2025 CPU: Security fixes: CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font color JDK-802812...

CVSS 6.3 | AI score 7.8 | EPSS 0.00971 | Exploits 0 | References 4

SUSE Linux
•added 2025/02/03 9:17 a.m.•4 views

Security update for haproxy

This update for haproxy fixes the following issues: Update to version 2.8.11+git0.01c1056a4: VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 BUG/MINOR: cfgparse-listen: fix option httpslog overrid...

CVSS 6.5 | AI score 7.6 | EPSS 0.01043 | Exploits 0 | References 4

SUSE Linux
•added 2025/02/03 9:9 a.m.•4 views

Security update for expat

This update for expat fixes the following issues: CVE-2024-50602: Fixed possible denial-of-service vulnerability inside XMLResumeParser bsc1232579. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

CVSS 8.2 | AI score 7.3 | EPSS 0.0104 | Exploits 0 | References 4

SUSE Linux
•added 2025/02/03 8:53 a.m.•4 views

Security update for qemu

This update for qemu fixes the following issues: Fix bsc1221812: block: Reschedule query-block during qcow2 invalidation bsc1221812 Fix bsc1229007, CVE-2024-7409: nbd/server: CVE-2024-7409: Close stray clients at server-stop bsc1229007 nbd/server: CVE-2024-7409: Drop non-negotiating clients...

CVSS 8.2 | AI score 7.1 | EPSS 0.01027 | Exploits 0 | References 10

SUSE Linux
•added 2025/02/03 8:50 a.m.•4 views

Security update for python311, python-rpm-macros

This update for python311, python-rpm-macros fixes the following issues: python311: - CVE-2024-0450: Fixed zipfile module vulnerability with "quoted-overlap" zipbomb bsc1221854 - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges bsc1226448 - CVE-2024-0397: Fixed memory race condition...

CVSS 7.5 | AI score 10 | EPSS 0.34174 | Exploits 2 | References 36

SUSE Linux
•added 2025/02/03 8:47 a.m.•4 views

Security update for libvirt

This update for libvirt fixes the following issues: Security issue fixed: CVE-2024-4418: rpc: ensure temporary GSource is removed from client event loop bsc1223849 Non-security issue fixed: libxl: Fix domxml-to-native conversion bsc1222584 qemu: Fix migration with custom XML bsc1226492 Patch...

CVSS 6.2 | AI score 7.3 | EPSS 0.00486 | Exploits 0 | References 8

SUSE Linux
•added 2025/02/03 8:47 a.m.•4 views

Security update for qemu

This update for qemu fixes the following issues: Update to version 8.2.5: target/loongarch: fix a wrong print in cpu dump ui/sdl2: Allow host to power down screen target/i386: fix SSE and SSE2 feature check target/i386: fix xsave.flat from kvm-unit-tests disas/riscv: Decode all of the pmpcfg and...

CVSS 8.2 | AI score 7.8 | EPSS 0.00552 | Exploits 2 | References 24

SUSE Linux
•added 2025/02/01 3:34 a.m.•4 views

Security update for ignition

This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236518 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

CVSS 6.9 | AI score 7.3 | EPSS 0.91969 | Exploits 1 | References 4

SUSE Linux
•added 2025/01/30 2:3 p.m.•4 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250128T150132 2025-01-28T15:01:32Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3409 CVE-2025-23208 GHSA-c9p4-xwr9-rfhx GO-2025-3410 CVE-2025-24337 GHSA-3qc3-mx6x-267...

CVSS 8.7 | AI score 7 | EPSS 0.0104 | Exploits 2 | References 68

SUSE Linux
•added 2025/01/29 10:41 p.m.•4 views

Security update for shadow

This update for shadow fixes the following issues: Fixed not copying of skel files bsc1228770 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE...

CVSS 6.7 | AI score 7.3 | EPSS 0.00308 | Exploits 0 | References 4

SUSE Linux
•added 2025/01/29 7:34 a.m.•4 views

Security update for go1.23

This update for go1.23 fixes the following issues: Update to go1.23.5 bsc1229122 CVE-2024-45341: Properly check for IPv6 hosts in URIs bsc1236045 CVE-2024-45336: Persist header stripping across repeated redirects bsc1236046 Patch Instructions: To install this SUSE update use the SUSE recommended...

CVSS 6.1 | AI score 6.4 | EPSS 0.00647 | Exploits 0 | References 10

SUSE Linux
•added 2025/01/21 1:58 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-41087: Fix double free on error bsc1228466. CVE-2024-53095: smb: client: Fix use-after-free of network namespace bsc1233642. CVE-2024-53146: NFSD: Prevent a...

CVSS 8.8 | AI score 8.4 | EPSS 0.02033 | Exploits 0 | References 108

SUSE Linux
•added 2025/01/17 2:40 p.m.•4 views

Security update for redis

This update for redis fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

CVSS 8.8 | AI score 7 | EPSS 0.07802 | Exploits 2 | References 8

SUSE Linux
•added 2025/01/17 2:38 p.m.•4 views

Security update for redis7

This update for redis7 fixes the following issues: CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. bsc1235386 CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution...

CVSS 8.8 | AI score 7 | EPSS 0.07802 | Exploits 2 | References 8

SUSE Linux
•added 2025/01/10 1:25 p.m.•4 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...

CVSS 7.8 | AI score 7.7 | EPSS 0.01344 | Exploits 1 | References 76

SUSE Linux
•added 2025/01/08 9:47 a.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...

CVSS 7.8 | AI score 8.3 | EPSS 0.03301 | Exploits 3 | References 316

SUSE Linux
•added 2024/12/27 10:16 a.m.•4 views

Security update for python-grpcio

This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...

CVSS 6.9 | AI score 6.8 | EPSS 0.00576 | Exploits 1 | References 8

SUSE Linux
•added 2024/12/23 9:20 a.m.•4 views

Recommended update for vim

This update for vim fixes the following issues: CVE-2024-47814: Fixed use-after-free when closing buffers in Vim bsc1231373 CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 Other fixes: Remove patch that introduced a bug caused significantly more CPU usage bsc1220618 Updated to version...

CVSS 4.6 | AI score 7.3 | EPSS 0.00349 | Exploits 0 | References 10

SUSE Linux
•added 2024/12/23 8:49 a.m.•4 views

Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative

This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues: CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can lead to a crash due to the JVM memory limit being exceeded in netty...

CVSS 5.6 | AI score 7.6 | EPSS 0.00408 | Exploits 1 | References 6

SUSE Linux
•added 2024/12/20 9:6 a.m.•4 views

Security update for sudo

This update for sudo fixes the following issues: CVE-2021-3156: Fixed regression in CVE bsc1234371 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...

CVSS 7.8 | AI score 7.3 | EPSS 0.99295 | Exploits 81 | References 4

Total number of security vulnerabilities: 5000